Children's Data and Age Verification
Children deserve extra protection online, and the law reflects this. If your service is likely to be accessed by under-18s, the ICO's Children's Code and stricter consent rules apply.
This article gives general guidance on the main considerations.
Key Rules to Know
- In the UK, children aged 13 or over can consent to online services themselves; below that you need parental consent.
- Privacy information must be written so children can understand it.
- Default settings should be high-privacy.
- Profiling and nudge techniques aimed at children are heavily restricted.
Verifying Age Proportionately
Age checks should match the risk. A low-risk site may only need a self-declared date of birth, while higher-risk services need more robust verification.
Designing for Young Users
Avoid collecting more data than necessary, switch off geolocation by default, and make it easy for a child or parent to exercise their rights.
Frequently Asked Questions
My service is not aimed at children — do the rules apply?
If children are nonetheless likely to access it, you should still consider the Children's Code rather than relying on your intended audience alone.
If you need a hand with any of this, your Progressive Robot delivery team is ready to help. Raise a ticket from the Support area of your client portal or speak to your account manager and we will guide you through the next steps.